I'm currently in the process of installing DataStage(PX) on an AIX server. This perticular box will be used for traning and development projects.
I need to properly "secure" the training projects and development projects. I think I can do this using a mix of UNIX groups and Datastage groups.
Is this futile, doable? Anyone experimented this? Where can I find proper information on datastage groups. (the pdfs are hardly helpful).
Thanks for the push
Configuration help and ideas
Moderators: chulett, rschirm, roy
-
- Participant
- Posts: 54607
- Joined: Wed Oct 23, 2002 10:52 pm
- Location: Sydney, Australia
- Contact:
There's no such thing as "DataStage groups" - I suspect you're referring to DataStage roles. You attach DataStage roles to operating system groups in the Administrator client.
Definitely do-able.
Create one operating system group for each project, and another (say dstage) for all DataStage users. Make dstage the primary group for dsadm. Make all DataStage users' umask 002. Make each DataStage user's primary group the group associated with that user's main project.
Add users to groups according to which projects they need to work in.
Definitely do-able.
Create one operating system group for each project, and another (say dstage) for all DataStage users. Make dstage the primary group for dsadm. Make all DataStage users' umask 002. Make each DataStage user's primary group the group associated with that user's main project.
Add users to groups according to which projects they need to work in.
IBM Software Services Group
Any contribution to this forum is my own opinion and does not necessarily reflect any position that IBM may hold.
Any contribution to this forum is my own opinion and does not necessarily reflect any position that IBM may hold.
-
- Participant
- Posts: 3337
- Joined: Mon Jan 17, 2005 4:49 am
- Location: United Kingdom
-
- Participant
- Posts: 54607
- Joined: Wed Oct 23, 2002 10:52 pm
- Location: Sydney, Australia
- Contact:
umask 00 allows everyone who has access to the machine to read and write. Everyone. If that's what you want, then OK.
umask 002 means that only members of the group (as well as the original creator/owner) have write permission; to others the objects are read-only.
umask 002 means that only members of the group (as well as the original creator/owner) have write permission; to others the objects are read-only.
IBM Software Services Group
Any contribution to this forum is my own opinion and does not necessarily reflect any position that IBM may hold.
Any contribution to this forum is my own opinion and does not necessarily reflect any position that IBM may hold.